General

  • Target

    2024-04-18_0e37139c18ce6fc2cb88aec20a340be9_cryptolocker

  • Size

    61KB

  • Sample

    240418-mgs27abf6v

  • MD5

    0e37139c18ce6fc2cb88aec20a340be9

  • SHA1

    71c64949bd04f74438125812b6028ca0e6e6894f

  • SHA256

    e6f2ff6e896cd6e0a09df3c01db810f1cfb139cc4d9e87b303b7761017e50b89

  • SHA512

    db45e65cd187194fae0c65041422a9c23ca4a70ebb60e721d5cbe0bbf9335365d4737ee25e4ee13b5041da4ce6d3a7ddbd7678dcaaa39955e357539507410fbf

  • SSDEEP

    1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMNuSP:TCjsIOtEvwDpj5HE/OUHnSMZw

Score
10/10

Targets

    • Target

      2024-04-18_0e37139c18ce6fc2cb88aec20a340be9_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
